Bryan O'Sullivan avatar Bryan O'Sullivan committed c9881ee

Close file descriptors on exec.

Comments (0)

Files changed (4)

  * General Public License for more details.
  */
 
+#include <assert.h>
+#include <fcntl.h>
 #include <stdarg.h>
 #include <stdlib.h>
 #include <stdio.h>
 #include <sys/wait.h>
 #include <syslog.h>
 #include <unistd.h>
-#include <assert.h>
 
 #include "netplug.h"
 
 }
 
 
+void
+close_on_exec(int fd)
+{
+    if (fcntl(fd, F_SETFD, FD_CLOEXEC) == -1) {
+        do_log(LOG_ERR, "can't set fd %d to close on exec: %m", fd);
+        exit(1);
+    }
+}
+
+
 pid_t
 run_netplug_bg(char *ifname, char *action)
 {
             do_log(LOG_ERR, "can't create interface socket: %m");
             exit(1);
         }
+        close_on_exec(sockfd);
     }
 
     int pollflags(struct if_info *info) {
         exit(1);
     }
 
+    close_on_exec(child_handler_pipe[0]);
+    close_on_exec(child_handler_pipe[1]);
+
     if (fcntl(child_handler_pipe[0], F_SETFL, O_NONBLOCK) == -1) {
         do_log(LOG_ERR, "can't set pipe non-blocking: %m");
         exit(1);
         if (status == -1) {
             if (errno == EINTR)
                 continue;
-	    if (errno == EAGAIN)
-		return 1;
+            if (errno == EAGAIN)
+                return 1;
 
             do_log(LOG_ERR, "OVERRUN: %m");
             continue;
             exit(1);
         }
     outer:
-	/* do nothing */;
+        /* do nothing */;
     }
 }
 
         exit(1);
     }
 
+    close_on_exec(fd);
+
     struct sockaddr_nl addr;
 
     memset(&addr, 0, sizeof(addr));
 int if_match(char *iface);
 int try_probe(char *iface);
 void probe_interfaces(void);
+void close_on_exec(int fd);
 
 extern int debug;
 
     char name[16];
 
     enum ifstate {
-	ST_DOWN,		/* uninitialized */
-	ST_DOWNANDOUT,		/* went down while running out script */
-	ST_PROBING,		/* running probe script */
-	ST_PROBING_UP,		/* running probe, and interface went UP */
-	ST_INACTIVE,		/* interface inactive */
-	ST_INNING,		/* plugin script is running */
-	ST_WAIT_IN,		/* wait until plugin script is done */
-	ST_ACTIVE,		/* interface active */
-	ST_OUTING,		/* plugout script is running */
-	ST_INSANE,		/* interface seems to be flapping */
-    }		state;
+        ST_DOWN,                /* uninitialized */
+        ST_DOWNANDOUT,          /* went down while running out script */
+        ST_PROBING,             /* running probe script */
+        ST_PROBING_UP,          /* running probe, and interface went UP */
+        ST_INACTIVE,            /* interface inactive */
+        ST_INNING,              /* plugin script is running */
+        ST_WAIT_IN,             /* wait until plugin script is done */
+        ST_ACTIVE,              /* interface active */
+        ST_OUTING,              /* plugout script is running */
+        ST_INSANE,              /* interface seems to be flapping */
+    }           state;
 
-    pid_t	worker;		/* pid of current in/out script */
-    time_t	lastchange;	/* timestamp of last state change */
+    pid_t       worker;         /* pid of current in/out script */
+    time_t      lastchange;     /* timestamp of last state change */
 };
 
 struct if_info *if_info_get_interface(struct nlmsghdr *hdr,
Tip: Filter by directory path e.g. /media app.js to search for public/media/app.js.
Tip: Use camelCasing e.g. ProjME to search for ProjectModifiedEvent.java.
Tip: Filter by extension type e.g. /repo .js to search for all .js files in the /repo directory.
Tip: Separate your search with spaces e.g. /ssh pom.xml to search for src/ssh/pom.xml.
Tip: Use ↑ and ↓ arrow keys to navigate and return to view the file.
Tip: You can also navigate files with Ctrl+j (next) and Ctrl+k (previous) and view the file with Ctrl+o.
Tip: You can also navigate files with Alt+j (next) and Alt+k (previous) and view the file with Alt+o.